package com.cxria.springboottest.conf

import com.cxria.springboottest.security.handler.AuthAccessDeniedHandler
import com.cxria.springboottest.security.handler.AuthEntryPoint
import com.cxria.springboottest.security.handler.AuthFailureHandler
import com.cxria.springboottest.security.handler.AuthLogoutSuccessHandler
import com.cxria.springboottest.security.handler.AuthSuccessHandler
import com.cxria.springboottest.security.MyPasswordEncoder
import com.cxria.springboottest.service.impl.UserServiceImpl
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.builders.WebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.web.AuthenticationEntryPoint
import org.springframework.security.web.access.AccessDeniedHandler
import org.springframework.security.web.authentication.AuthenticationFailureHandler
import org.springframework.security.web.authentication.AuthenticationSuccessHandler
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
class SecurityConfig extends WebSecurityConfigurerAdapter{

    @Bean
    UserDetailsService userService(){
        new UserServiceImpl()
    }

    @Bean
    AuthenticationEntryPoint authenticationEntryPoint(){
        new AuthEntryPoint()
    }

    @Bean
    AuthenticationSuccessHandler authenticationSuccessHandler() {
        new AuthSuccessHandler()
    }

    @Bean
    AuthenticationFailureHandler authenticationFailureHandler(){
        new AuthFailureHandler()
    }

    @Bean
    AccessDeniedHandler accessDeniedHandler(){
        new AuthAccessDeniedHandler()
    }

    @Bean
    LogoutSuccessHandler logoutSuccessHandler(){
        new AuthLogoutSuccessHandler()
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService())
                .passwordEncoder(new MyPasswordEncoder())
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .authorizeRequests()
                .antMatchers('/user/show').hasAuthority('user-manager')
                .anyRequest().authenticated()
                .and()
                    .formLogin()
                        .loginPage('/user/login')
                        .successHandler(authenticationSuccessHandler())
                        .failureHandler(authenticationFailureHandler())
                        .permitAll()
                .and().logout()
                    .logoutUrl('/user/logout')
                    .logoutSuccessHandler(logoutSuccessHandler())
                    .permitAll()
                .and().exceptionHandling()
                    .authenticationEntryPoint(authenticationEntryPoint())
                    .accessDeniedHandler(accessDeniedHandler())

    }

    @Override
    void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers(
                '/css/**',
                '/swagger-ui.html',
                '/webjars/springfox-swagger-ui/**',
                '/swagger-resources/**',
                '/v2/api-docs')
    }

}
